All Products
Search

This Product

    Service Catalog:Grant permissions to an administrator

    Document Center

    Service Catalog:Grant permissions to an administrator

    Last Updated:Dec 05, 2025

    The administrator can define, manage, and distribute compliant IT services. The administrator must have the permissions to access the Service Catalog console, manage products, product portfolios, and constraints, and grant end user permissions. The administrator can be an Alibaba Cloud account, a Resource Access Management (RAM) user, or a RAM role. In this topic, the administrator is a RAM user.

    Prerequisites

    A RAM user is created. For more information, see Create a RAM user.

    Procedure

    Console

    1. Log on to the RAM console.

    2. On the Users page, find the target RAM user and click Add Permissions in the Actions column.

      image

    3. In the Grant Permission panel, add permissions for the RAM user.

      1. Set Resource Scope to Account.

      2. In the Policy section, search and select the AliyunServiceCatalogAdminFullAccess system policy. To grant a custom policy, you must first create a custom permission policy and then select the required permissions.

        Note

        The AliyunServiceCatalogAdminFullAccess policy grants full administrative permissions for Service Catalog. An administrator with this policy can access and configure all features for end users and other administrators.

    4. Click OK.

    OpenAPI

    Grant a custom policy

    1. You can create a custom policy by calling CreatePolicy. For more information, see Basic elements of an access policy and Overview of the access policy example library.

    2. Call AttachPolicyToUser to attach the access policy to the specified RAM user. Set PolicyType to Custom.

    Grant a system policy

    Call AttachPolicyToUser to attach the access policy to the specified RAM user. Set PolicyType to System and PolicyName to AliyunServiceCatalogAdminFullAccess.